KNEL/TSYSDevStack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ab54d694f26d0a9b7df70d341afadccd3d3ac5ab
TSYSDevStack/ToolboxStack/output/toolbox-qadocker/README.md
ReachableCEO ab54d694f2 chore(filesystem): reflect major filesystem restructuring changes 
- Renamed DocStack to dockstack
- Transformed toolbox-template into toolbox-qadocker with new functionality
- Removed NewToolbox.sh script
- Updated PROMPT and configuration files across all toolboxes
- Consolidated audit and testing scripts
- Updated QWEN.md to reflect new filesystem structure as authoritative source
- Merged PROMPT content into QWEN.md as requested

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

The filesystem structure has been intentionally restructured and is now the authoritative source of truth for the project organization.
2025-10-31 13:26:39 -05:00

79 lines
2.3 KiB
Markdown
Raw Blame History

# 🧰 TSYSDevStack QA Docker Toolbox
A minimal Docker image designed for auditing, verifying, and testing Docker images and container configurations.
---
## 🚀 Quick Start
1. **Build the toolbox**
```bash
./build.sh
```
2. **Start the toolbox**
```bash
./run.sh up
```
3. **Access the toolbox**
```bash
docker exec -it tsysdevstack-toolboxstack-qadocker bash
```
4. **Stop the toolbox**
```bash
./run.sh down
```
---
## 🧱 Architecture
- **Base Image**: Ubuntu 24.04 (minimal base without extending from toolbox-base)
- **User**: Runs as non-root `toolbox` user (UID/GID mapped to host)
- **Workspace**: Mounts current directory to `/workspace` (read/write)
- **Tools**: Contains essential Docker auditing and security tools
---
## 🛠️ Included Tools
### Docker Auditing & Security
- **Docker CLI**: For Docker operations and container management
- **Hadolint**: Dockerfile linter for best practices and common errors
- **Dive**: Tool to explore Docker image layers and discover inefficiencies
- **Trivy**: Comprehensive security scanner for vulnerabilities
- **Grype**: Vulnerability scanner for container images
- **Docker Bench Security**: Tool for running CIS Docker benchmark tests
### Version Control & General Tools
- **Git**: For version control operations
- **Lazygit**: Terminal UI for Git
- **Curl/Wget**: For downloading resources
- **Yq**: Command-line YAML processor
- **Xh**: Friendly and fast tool for HTTP requests
---
## 📂 Project Layout
| Path | Purpose |
|------|---------|
| `Dockerfile` | Defines the minimal QA Docker image with auditing tools |
| `docker-compose.yml` | Service configuration for the QA toolbox |
| `build.sh` | Wrapper around `docker build` with host UID/GID mapping |
| `run.sh` | Helper to bring the service up/down |
| `aqua.yaml` | Configuration for aqua-managed CLI tools |
| `SEED` | Defines the toolbox's purpose and goals |
| `PROMPT` | LLM onboarding prompt for future contributors |
---
## 🤝 Collaboration Notes
- This is the ONLY image that does NOT extend from `toolbox-base` (used for bootstrap purposes)
- Designed for use by AI CLI agents when creating and verifying container images
- Contains tools for auditing Docker images (hadolint, dive, etc.)
- Meant to be rebuilt quickly and be easy to extend
- Follows best security practices for minimal attack surface
Reference in New Issue View Git Blame Copy Permalink